Privacy Policy
Learn how we collect, use, store, and share your personal data in connection with our website https://libra.tools (including /en) and the Libra Monorepo storage service (collectively, the “Services”).
Privacy Policy
Last Updated: March 20, 2026
GitMono Limited (“GitMono”, “we”, “us”, “our”), a company registered in Hong Kong, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data in connection with our website https://libra.tools (including /en) and the Libra Monorepo storage service (collectively, the “Services”).
We comply with the Personal Data (Privacy) Ordinance (Cap. 486) (“PDPO”) of Hong Kong and its six Data Protection Principles. This Policy also serves as our Personal Information Collection Statement (PICS).
Personal Data We Collect
Information you provide
- Account information (display name, email, password, profile photo, SSH keys, API keys).
- Payment information (handled by third-party processors such as Stripe; we do not store card numbers).
- Communications (support requests, feedback, uploaded repositories/files).
- Marketing preferences.
Information collected automatically
- Device data (OS type/version, browser type, IP address, device identifiers, MAC address, screen resolution, general location).
- Usage data (pages viewed, access times, navigation paths, engagement).
- Cookies and similar technologies: Cookies (small text files for functionality, preferences, analytics); HTML5 local storage (for larger persistent data); web beacons/pixel tags/clear GIFs (to track email opens, page views, clicks).
Information from third parties
- From social logins, integrations, or connected services (subject to their privacy settings).
How We Use Personal Data
We use personal data only for the purposes notified at collection or directly related purposes (PDPO DPP3), including:
- Providing and operating the Services (e.g., repository storage, authentication).
- Communicating with you (support, updates, security alerts).
- Improving, personalizing, and securing the Services (including analytics and troubleshooting).
- Marketing (with opt-out option).
- Research, analytics, and aggregated/de-identified data for product improvement.
- Complying with legal obligations and protecting rights.
How We Disclose Personal Data
We may share data with:
- Service providers (hosting, cloud storage, payment processors) under contractual obligations (PDPO DPP2 & DPP4).
- Professional advisors (lawyers, auditors).
- Authorities (where required by law).
- In business transfers (merger, acquisition).
Data may be transferred outside Hong Kong (e.g., to cloud providers in other jurisdictions). We ensure appropriate safeguards via contracts or other means. No cross-border restrictions apply under current PDPO (Section 33 not in force), but we apply best practices.
Privacy Choices and Rights (PDPO)
Under PDPO, you have the right to:
- Request access to or correction of your personal data.
- Withdraw consent (where applicable).
- Opt out of marketing communications (unsubscribe link or email [email protected]).
- Delete your account (via dashboard or request).
To exercise rights, contact us at [email protected]. We will respond within 40 days (or as required by law). We may charge a reasonable fee for access requests.
You may manage cookies and tracking technologies via browser settings (e.g., block cookies, reject local storage). For more on managing cookies, see resources like https://www.allaboutcookies.org/. We currently do not respond to “Do Not Track” or similar signals.
For third-party advertising/analytics opt-outs (if applicable), you may use industry tools such as:
- Google Analytics opt-out: https://tools.google.com/dlpage/gaoptout
- Digital Advertising Alliance: https://optout.aboutads.info/
- Network Advertising Initiative: https://optout.networkadvertising.org/
Opt-outs may need to be exercised per device/browser.
Security and Retention
We implement reasonable technical, organizational, and physical safeguards to protect personal data (PDPO DPP4). However, no security measures are absolute, and we cannot guarantee complete security.
We retain personal data only as long as necessary for the stated purposes, legal obligations, or dispute resolution (PDPO DPP2), considering factors such as data sensitivity, potential risks, and legal requirements. Upon request or when no longer needed, we will delete or anonymize data where possible.
Children
The Services are not directed to children under 13. We do not knowingly collect data from children.
Third-Party Services
Links or integrations to third parties are governed by their own policies. We are not responsible for them.
Changes to This Policy
We may update this Policy. Material changes will be posted here with the updated date. Continued use constitutes acceptance.
Contact Us
GitMono Limited
Email: [email protected]
(We are the data controller under PDPO; our Data Protection Officer can be reached at the above email.)
For more information on PDPO rights, visit the Office of the Privacy Commissioner for Personal Data, Hong Kong (https://www.pcpd.org.hk).